Apple released iOS Security Guide

Apple introduced a security guide for iOS, which was published on Apple.com sometime in late May. Seen outside the Apple developer community, it was only now. This publication is noteworthy because this is the first time Apple has released a guide that is more focused on administrators.

The new manual includes four sections on topics such as system architecture, encryption and information security, network security, and device access.

Reading the introduction, it becomes clear that the goal of the guide is to help corporate IT departments understand the security situation of iOS devices, including the iPhone, iPod Touche and iPad. It is important that all this information is presented in a language that is understandable to those employed in the field of IT staff, as more and more enterprises allow employees to use personal devices for work and implement programs to use their own devices in the workplace.
')
The report begins like this:

Apple has developed the iOS platform, laying the foundation for it. The content of information on a mobile device is safe for any user, whether they have access to corporate and customer information or store personal photos, banking information and addresses ...

For organizations that care about the security of iOS devices, the guide will help you understand how the built-in security features work together to ensure the security of the mobile computing platform.

While it may seem to some that the manual is an example of Apple’s growing openness (on issues not related to new products), much of the information contained in the manual is not new at the moment. It was just differently stated for another public.

However, the manual similarly describes such things as the code signing process and ASLR in iOS, which were not previously described openly by Apple security researchers.

Another “tidbit” for IT employees is a list of items that administrators can limit using configuration profiles as part of their technical tools for managing the life cycle of mobile devices. For example, you can limit Siri ( as IBM recently did ), plus FaceTime, a camera, instant screenshots, application installation, in-app purchases, Game Center, YouTube, pop-up ads, cookies, and more. Now people have more freedom to choose in the settings of devices that they can use for work, but IT employees have to rebuild to ensure the usual level of security.

Manual: http://images.apple.com/ipad/business/docs/iOS_Security_May12.pdf